/**
 * @FileName: ClientApiIntercepter.java
 * @Author
 * @Description:
 * @Date 2016年1月5日 下午1:53:20
 * @CopyRight ZTE Corporation
 */
package cn.hpclub.server.interceptor;

import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.jfinal.aop.Interceptor;
import com.jfinal.aop.Invocation;
import com.jfinal.core.Controller;

import cn.hpclub.server.constant.ClientApiConstant;
import cn.hpclub.server.service.DigestService;
import cn.hpclub.server.service.TokenService;
import cn.hpclub.server.util.HttpUtil;

public class ClientApiIntercepter implements Interceptor{
    private static Logger log = LoggerFactory.getLogger(ClientApiIntercepter.class);

    /**
     * @param inv
     * @see com.jfinal.aop.Interceptor#intercept(com.jfinal.aop.Invocation)
     */
    @Override
    public void intercept(Invocation ai){
        Controller controller = ai.getController();
        // System.out.println("ClientApiIntercepter in");

        String appkey = controller.getPara(ClientApiConstant.Key.APPKEY);
        String timestamp = controller.getPara(ClientApiConstant.Key.TIMESTAMP);
        String digest = controller.getPara(ClientApiConstant.Key.DIGEST);

        if(!DigestService.service.validateDigest(digest, timestamp, appkey)){
            JSONObject jo = HttpUtil.setResponseObj(ClientApiConstant.ResultCode.FAILED,
                                                    ClientApiConstant.Msg.PARAEXCEPTION,
                                                    ClientApiConstant.Msg.PARA_EXCEPTION_DIGST);
            System.out.println("ClientApiIntercepter validateDigest to client msg = " + jo.toString());
            controller.renderText(jo.toString());
            return;
        }
        String actionMethodName = ai.getMethodName();
        // System.out.println("actionMethodName:" + actionMethodName);
        log.info("v1 api " + actionMethodName + " is called.");
        if(actionMethodName.equals("VerifyAccount") || actionMethodName.equals("SendSmsCode")
                || actionMethodName.equals("VerifySignCode") || actionMethodName.equals("ResetPassword")){
            ai.invoke();
            return;
        }

        String token = controller.getPara(ClientApiConstant.Key.TOKEN);

        // token非法和失效都返回1009，以便客户端统一处理跳到登陆界面。如果有些返回1006，有些返回1009，客户端统一处理非1000都跳到登陆界面，是有问题的，比如只是一般的接口异常。
        if(!TokenService.service.isTokenLegal(token)){
            // token非法
            JSONObject jo = HttpUtil.setResponseObj(ClientApiConstant.ResultCode.SESSION_TIMEOUT,
                                                    ClientApiConstant.Msg.PARA_ILLEGAL,
                                                    ClientApiConstant.Msg.PARA_ILLEGAL);
            System.out.println("ClientApiIntercepter isTokenLegal to client msg = " + jo.toString());
            controller.renderText(jo.toString());
            return;
        }
        if(!TokenService.service.isTokenActive(token)){
            // token失效
            JSONObject jo = HttpUtil.setResponseObj(ClientApiConstant.ResultCode.SESSION_TIMEOUT,
                                                    ClientApiConstant.Msg.MSG_SESSION_TIMEOUT,
                                                    ClientApiConstant.Msg.MSG_SESSION_TIMEOUT);
            System.out.println("ClientApiIntercepter isTokenActive to client msg = " + jo.toString());
            controller.renderText(jo.toString());
            return;
        }
        // 正常访问
        ai.invoke();

    }

}
